2 matches found
Magento Server Mass Importer - Cross-Site Scripting
Magento Server Mass Importer plugin contains multiple cross-site scripting vulnerabilities which allow remote attackers to inject arbitrary web script or HTML via the 1 profile parameter to web/magmi.php or 2 QUERYSTRING to web/magmiimportrun.php. id: CVE-2015-2068 info: name: Magento Server Mass...
CVE-2015-2068
CVE-2015-2068 refers to multiple cross-site scripting (XSS) vulnerabilities in the MAGMI (Magento Mass Importer) plugin for Magento Server. The flaws allow remote attackers to inject arbitrary web script or HTML through (1) the profile parameter to web/magmi.php or (2) the QUERY_STRING to web/mag...